If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Win XP SP2

I know there have been a couple of threads discussing SP2 for Win XP. This article from Computer World looks at it from a little different perspective of how it will effect (break!)programs already installed on the users PC.

quote:
If developers find that SP2 breaks their applications, it most likely means that they weren't following best practices in terms of security when writing their applications, according to Goodhew.

So they are saying it is the developers fault, but then you read about their own problems:

Microsoft plans to release updates to its Visual Studio products and the .Net Framework at around the same time it releases Windows XP SP2 to address the compatibility issues, Goodhew said.

We will see what this does for security in XP, and how it will affect the normal windows user. Hopefully for the better.

quote:
Large software vendors are getting help from Microsoft to make sure that their applications are compatible with SP2, Goodhew said. Smaller vendors and others, such as enterprise software developers, need to do their own testing. "It is really up to developers to do the due diligence," he said.

The have a point. If you can not write proper, secure code, then you are the little guy. People who have written proper and secure memory management will not be affected by this. Programs written poorley with horrible memory management and allcolation will be broken because SECURITY IS NOW BEING REQUIRED. This is a 'Good Thing'

pooh, I agree with you on writing proper code, but the article said they will help large software vendors who did not code properly, but will not help the littleguy. Also, what about Microsofts own poor coding in Visual Studio and .Net Framework?
Like I stated earlier, hope this works out for the better.

pooh, I agree with you on writing proper code, but the article said they will help large software vendors who did not code properly, but will not help the littleguy.

I compeltely agree with their descision too. And here is why: The larger companies that can not code properly have the funds to say "We don't know how it's insecure, fix it for us". The littler companies who can not code properly have no funds to say "We have no idea what's wrong. Can you fix it for us?" See what I mean? It isn't a "hahahahaha the little guy SUXORS!", it's the amount of time and money Microsoft is going to have to put into others to fix their code for them. If the little guy can cough up the money to have Microsoft rewrite their code properly, then so be it. Otherwise that littleguy simply needs to write better code.

Also, what about Microsofts own poor coding in Visual Studio and .Net Framework?

Their code is already memory secure and compatible with security regulations. Their VS and .NET already meets the memory management requirements, as do most of their products.

Like I stated earlier, hope this works out for the better.

I'm sure it will, even if a few small companies go down because of it. It simply shows the origonal lesson in Coding 101: Write proper, correct code the -first- time.

Reply

I only read some of the article, but I know one thing and that is that SP1 nearly crashed my computer system. So I will not be installing SP2. Although I do understand what they are doing, but some of these security updates can really disrupt a computer.

Reply

I guess your right both ways I lose, but I try to be extra careful with my Win XP system by keeping bad files out and not sharing files on a network. In addition I create restore points every chance I get. I just have to remember to delete my old restore points, they take up space.

This is, as noted above, the age old question of security vs. functionality. The article misses this point, with just one allusion to it on the last page. Overall, though, this is what has to happen.

Users and the media can't say "it's Microsoft's fault we get hacked!" and also cry "don't dare change/break anything to fix this!" at the same time. I'm a proponent of personal responsibility, and feel users should take the first step to secure their systems. It's either one or the other, folks.